25 November, 2020
Far Out 312-49v9 Pdf Exam For ECCouncil Computer Hacking Forensic Investigator (V9) Certification
Exam Code: 312-49v9 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: ECCouncil Computer Hacking Forensic Investigator (V9)
Certification Provider: EC-Council
Free Today! Guaranteed Training- Pass 312-49v9 Exam.
Free demo questions for EC-Council 312-49v9 Exam Dumps Below:
Question 1
- (Topic 2)
You are working in the Security Department of a law firm. One of the attorneys asks you about the topic of sending fake email because he has a client who has been charged with doing just that. His client alleges that he is innocent and that there is no way for a fake email to actually be sent. You inform the attorney that his client is mistaken and that fake email is a possibility and that you can prove it. You return to your desk and craft a fake email to the attorney that appears to come from his boss. What port do you send the email to on the company's SMTP server?
Question 2
- (Topic 1)
Windows Security Accounts Manager (SAM) is a registry file which stores passwords in a hashed format. SAM file in Windows is located at:
Question 3
- (Topic 1)
Which of the following is not an example of a cyber-crime?
Question 4
- (Topic 1)
Mobile phone forensics is the science of recovering digital evidence from a mobile phone under forensically sound conditions.
Question 5
- (Topic 1)
Physical security recommendations: There should be only one entrance to a forensics lab
Question 6
- (Topic 3)
A(n) ____ is one that’s performed by a computer program rather than the attacker manually performing the steps in the attack sequence.
Question 7
- (Topic 1)
Data Acquisition is the process of imaging or otherwise obtaining information from a digital device and its peripheral equipment and media
Question 8
- (Topic 3)
George is a senior security analyst working for a state agency in Florida. His state's congress just passed a bill mandating every state agency to undergo a security audit annually. After learning what will be required, George needs to implement an IDS as soon as possible before the first audit occurs. The state bill requires that an IDS with a "time-based induction machine" be used. What IDS feature must George implement to meet this requirement?
Question 9
- (Topic 3)
What information do you need to recover when searching a victim's computer for a crime committed with a specific e-mail message?
Question 10
- (Topic 1)
During the seizure of digital evidence, the suspect can be allowed to touch the computer system.
Question 11
- (Topic 3)
Which of the following filesystems is used by Mac OS X?
Question 12
- (Topic 1)
Syslog is a client/server protocol standard for forwarding log messages across an IP network. Syslog uses ___ to transfer log messages in a clear text format.
Question 13
- (Topic 3)
E-mail logs contain which of the following information to help you in your investigation?
(Select up to 4)
Question 14
- (Topic 3)
What does the superblock in Linux define?
Question 15
- (Topic 3)
When cataloging digital evidence, the primary goal is to
Question 16
- (Topic 3)
In general, ____ involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data.
Question 17
- (Topic 1)
Quality of a raster image is determined by the ____ and the amount of information in each pixel.
Question 18
- (Topic 3)
Diskcopy is:
Question 19
- (Topic 1)
Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server's root directory?
Question 20
- (Topic 1)
Which wireless standard has bandwidth up to 54 Mbps and signals in a regulated frequency spectrum around 5 GHz?
Question 21
- (Topic 3)
From the following spam mail header, identify the host IP that sent this spam?
From jie02@netvigator.com jie02@netvigator.com Tue Nov 27 17:27:11 2001
Received: from viruswall.ie.cuhk.edu.hk (viruswall [137.189.96.52]) by eng.ie.cuhk.edu.hk (8.11.6/8.11.6) with ESMTP id fAR9RAP23061 for ; Tue, 27 Nov 2001 17:27:10 +0800 (HKT)
Received: from mydomain.com (pcd249020.netvigator.com [203.218.39.20]) by viruswall.ie.cuhk.edu.hk (8.12.1/8.12.1) with SMTP id fAR9QXwZ018431 for ; Tue, 27 Nov 2001 17:26:36 +0800 (HKT)
Message-Id: >200111270926.fAR9QXwZ018431@viruswall.ie.cuhk.edu.hk
From: "china hotel web"
To: "Shlam"
Subject: SHANGHAI (HILTON HOTEL) PACKAGE
Date: Tue, 27 Nov 2001 17:25:58 +0800
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
Reply-To: "china hotel web"
Question 22
- (Topic 1)
Ron, a computer forensics expert, is investigating a case involving corporate espionage. He has recovered several mobile computing devices from the crime scene. One of the pieces of evidence that Ron possesses is a mobile phone from Nokia that was left in the on condition. Ron needs to recover the IMEI number of the device to establish the identity of the device owner. Which of the following key combinations can he use to recover the IMEI number?
Question 23
- (Topic 2)
Where does EnCase search to recover NTFS files and folders?
Question 24
- (Topic 3)
When operating systems mark a cluster as used but not allocated, the cluster is considered as ____
Question 25
- (Topic 1)
WPA2 provides enterprise and Wi-Fi users with stronger data protection and network access control. Which of the following encryption algorithms is used by WPA2?
Question 26
- (Topic 3)
What type of analysis helps to identify the time and sequence of events in an investigation?
Question 27
- (Topic 2)
An investigator is searching through the firewall logs of a company and notices ICMP packets that are larger than 65,536 bytes. What type of activity is the investigator seeing?
Question 28
- (Topic 1)
A system with a simple logging mechanism has not been given much attention during development. This system is now being targeted by attackers. If the attacker wants to perform a new line injection attack, what will he/she inject into the log file?
Question 29
- (Topic 3)
How many sectors will a 125 KB file use in a FAT32 file system?
Question 30
- (Topic 1)
Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?